<!-- SESSION STATE SETTINGS By default ASP.NET uses cookies to identify which requests belong to a particular session. If cookies are not available, a session can be tracked by adding a session identifier to the URL. To disable cookies, set sessionState cookieless="true". --><sessionState mode="InProc" stateConnectionString="tcpip=127.0.0.1:42424" sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes" cookieless="false" timeout="20" />

Basic recommendations are the following:1. Sticky sessions2. If you have multiple servers, update to use the same machine key in IIS as seen here. 3. Update to the latest Ektron with CUs to avoid any known bugs.4. Resolve any issues with application pool resets due to errors on the system. It is by design that app pools will reset with too many errors or certain kinds of errors. Session will terminate accordingly.